last sync: 2022-Sep-30 16:34:23 UTC

Azure Policy definition

Container registries should have repository scoped access token disabled.

Name Container registries should have repository scoped access token disabled.
Azure Portal
Id ff05e24e-195c-447e-b322-5e90c9f9f366
Version 1.0.0
details on versioning
Category Container Registry
Microsoft docs
Description Disable repository scoped access tokens for your registry so that repositories are not accessible by tokens. Disabling local authentication methods like admin user, repository scoped access tokens and anonymous pull improves security by ensuring that container registries exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/acr/authentication.
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Deny, Disabled)
Used RBAC Role none
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.ContainerRegistry/registries/tokens/status Microsoft.ContainerRegistry registries/tokens properties.status true
Rule ResourceTypes IF (1)
Microsoft.ContainerRegistry/registries/tokens
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-02-11 18:30:22 add ff05e24e-195c-447e-b322-5e90c9f9f366
Used in Initiatives none
JSON